public function handle()
{
#
if ($this->is_console) {
$this->params = $this->service->params;
return $this->console();
}
# If not logged in, redirect to login page
if (!User::is_logged_in()) {
$this->t->flash('Please login to access that page.', 'warning');
return $this->redirect('auth', 'login');
}
# Change password request
if ($this->request->action_is('change-password')) {
$form = new PasswordFormValidator($this->request);
if ($form->validate('old-password', 'new-password', 'new-password-confirm')) {
$user = User::current();
$user->set_password($this->request->post('new-password'));
if ($user->save()) {
$this->t->flash('Your password has been changed.', 'success');
} else {
$this->t->flash('There was a problem saving your password.', 'danger');
}
} else {
$this->t->data('form-validator', $form);
}
$content = $this->render_view('content');
} else {
$content = $this->render_view('content');
}
return $content;
}
public function testShouldLogInAndLogOutUser()
{
$user = User::find_by_name('NeechyUser');
$user->login();
$this->assertTrue(User::is_logged_in($user), 'User should be logged in.');
$user->logout();
$this->assertFalse(User::is_logged_in($user), 'User should be logged out.');
}
/**
*
* @param int $limit [description]
* @return array
*/
public static function get_posts($limit = false)
{
$blog = new Blog('posts/');
// Get drafted posts as well
if (User::is_logged_in()) {
return $blog->getAllPosts($limit);
}
return $blog->getPosts($limit);
}
public static function current($field = null)
{
if (!User::is_logged_in()) {
return null;
} elseif (!$field) {
return User::find_by_name($_SESSION['user']['name']);
} else {
return $_SESSION['user'][$field];
}
}
function _page_footer($site)
{
require_once "classes/User.class.php";
$user = new User();
$html = "\n<p style='clear:both;'></p>\n";
if ($user->is_logged_in()) {
}
$html .= "\n</body></html>\n";
return $html;
}
function __construct($admin_path)
{
$this->check_magic_quotes();
require $admin_path . '/core/library/config.php';
$config = $this->config = new Config($admin_path);
require $config->library_path . '/string.php';
require $config->library_path . '/file.php';
spl_autoload_register(array($this, 'autoload'));
$is_config_loaded = $this->config->load();
$this->setup_error_reporting();
if (!$is_config_loaded) {
$router = new Router($config, null, '/setup/install/');
} else {
$router = new Router($config);
}
$hook = new Hook();
$admin_script = new Admin\Scripts($router->admin_url, $router, $config);
$admin_style = new Admin\Styles($router->admin_url, $router, $config);
$hook->add('admin_head', array($admin_style, 'do_items'), 0, 10);
$hook->add('admin_head', array($admin_script, 'do_head_items'), 0, 10);
$hook->add('admin_footer', array($admin_script, 'do_footer_items'), 0, 100);
$settings = new Settings($config);
$router->settings = $settings;
$active_template = $settings->get_template_about();
$template_script = new Template\Scripts('', $router, $config, $active_template['version']);
$template_style = new Template\Styles('', $router, $config, $active_template['version']);
$hook->add('head', array($template_style, 'do_items'), 0, 10);
$hook->add('head', array($template_script, 'do_head_items'), 0, 10);
$hook->add('footer', array($template_script, 'do_footer_items'), 0, 100);
$user = new User($config, $router);
$view = new View($config, $router, $hook);
if ($settings->get('connection', 'type') && 'direct' != $settings->get('connection', 'type')) {
$class_name = Filesystem::get_class_name($settings->get('connection', 'type'));
$filesystem = new $class_name($config, array('connection_type' => $settings->get('connection', 'type'), 'hostname' => $settings->get('connection', 'hostname'), 'username' => $settings->get('connection', 'username'), 'password' => $settings->get('connection', 'password')));
} else {
$filesystem = new Filesystem\Direct($config);
}
$addon = new Addon($config, $settings, $hook, $admin_script, $admin_style, $template_script, $template_style, $filesystem, $router);
$addon->load_active();
$content = new Content($config, $filesystem, $router, $settings, $hook);
$template = new Template($config, $filesystem, $router, $settings, $hook, $template_script, $template_style, $content);
$router->parse_request_url();
$router->set_controller_class();
$controller_class = $router->controller_class;
$controller = new $controller_class($router, $view, $filesystem, $config, $user, $template, $settings, $hook, $content, $addon);
if (!$user->is_logged_in() && !$controller->is_no_auth_action()) {
Router::redirect($router->admin_url('/user/login/'));
exit;
}
$controller->call_action();
}
'legend'=>'Please correct the following errors',
'body'=>$body
);
array_unshift($panels,$panel);
endif;
endif;
endif;
endif;
endif;
?>
<div id="middle">
<?include('./templates/parts/panels.php')?>
<?php
if (User::is_logged_in() && User::get_id() != $user['id']) {
include './templates/forms/user-review-form.php';
}
?>
<br />
</div>
<?include ('./templates/layout/page-right.php')?>
<?include ('./templates/layout/page-footer.php')?>
<link rel='stylesheet' href='css/custom.css' type='text/css' media='screen' />
<link rel='stylesheet' href='css/form_ad.css' type='text/css' media='screen' />
<link rel='stylesheet' href='css/form_static.css' type='text/css' media='screen' />
</head>
<body>
<div id="container">
<div id="top">
<h1>Classified Ad Admin</h1>
<?php
if (User::is_logged_in() && User::get_id() == 1) {
?>
<span class="form">Welcome: <a href="setting-profile.php"><?php
print User::get_username();
?>
</a> | <a href='index.php?logout'>Logout</a></span>
<?php
}
?>
</div>
<br />
$page = 'dash';
if (isset($_GET['p'])) {
$page = trim($_GET['p']);
}
if (isset($_GET['logout'])) {
// delete the session auth session so you have to go back through google authentication.
unset($_SESSION['access_token']);
header('Location: https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}
$current_user = new User();
if (isset($APP['user']['email'])) {
$current_user->load($APP['user']['email']);
$current_user->set_nonce();
$_SESSION['nonce'] = $current_user->nonce;
}
if (!$current_user->is_logged_in()) {
$page = 'loggedout';
}
run_parse_loop();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=Edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-capable" content="yes">
<link rel="manifest" href="manifest.json">
<title><?php
echo $APP['name'];
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>XMR</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="page-header">
<h1>XMR integration <small>by TheKoziTwo</small></h1>
</div>
<?php
if (User::is_logged_in()) {
?>
<?php
echo flash_msg();
?>
<div class="panel panel-success">
<div class="panel-heading">
<h3 class="panel-title">Welcome <strong><?php
echo $user->username();
?>
</strong></h3>
</div>
<div class="panel-body">This is a basic integration of monero where all essential parts have been coded. Feel free to use the code for anything you please.<?php
echo $user->is_admin() ? '<br/><br/>You have admin permissions, click <a href="admin.php">here</a> to go to admin panel' : '';
public function user_button()
{
if (User::is_logged_in()) {
$logged_in_dropdown = <<<HTML5
<div class="btn btn-group user-button logged-in">
<button type="button" class="btn btn-info">%s</button>
<button type="button" class="btn btn-info dropdown-toggle" data-toggle="dropdown"
aria-haspopup="true" aria-expanded="false">
<span class="caret"></span>
<span class="sr-only">Toggle Dropdown</span>
</button>
<ul class="dropdown-menu">
<li>%s</li>
<li>%s</li>
</ul>
</div>
HTML5;
$user_name = User::current('name');
$user_button = sprintf($logged_in_dropdown, $user_name, $this->neechy_link('Change Password', 'password', 'change', $user_name), $this->neechy_link('Logout', 'auth', 'logout'));
} else {
$format = <<<HTML5
<div class="user-button">
%s
</div>
HTML5;
$link = $this->neechy_link('Login / SignUp', 'auth', 'login', null, array('class' => 'btn btn-primary navbar-btn'));
$user_button = sprintf($format, $link);
}
return $user_button;
}
exit;
}
}
}
if (isset($_GET['logout'])) {
session_destroy();
header('Location: index.php');
exit;
}
include "page-header.php";
?>
<div id="wrapper">
<?php
if (!(User::is_logged_in() || User::get_id() == 1)) {
?>
<form name="form_login" id="form_login" method="post" enctype='application/x-www-form-urlencoded' accept-charset="UTF-8" class="form">
<h2>Login</h2>
<br />
<?php
if (isset($success) && !$success) {
print "<ul class='errors'>";
foreach ($errors as $err) {
print "<li>{$err}</li>";
}
print "</ul>";
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
include "./include/thumb.php";
$g_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
if (!User::is_logged_in() || User::get_id() != 1 || $g_id < 2) {
header('Location: index.php');
exit;
}
$exists = User::exists($g_id);
if (!$exists) {
$success = false;
$errors = array_push($errors, $current_group_page['name'] . " not exist.");
} else {
$user = User::get_one($g_id);
}
if ($exists) {
$p_name = $user['name'];
$p_username = $user['username'];
$p_email = $user['email'];
$p_telephone = $user['telephone'];
$p_city = $user['city'];
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
if (!User::is_logged_in() || User::get_id() != 1 || !User::exists(1)) {
header('Location: index.php');
exit;
}
$g_id = 1;
$user = User::get_one($g_id);
$exists = 1;
if ($exists) {
$p_name = $user['name'];
$p_username = $user['username'];
$p_email = $user['email'];
$p_telephone = $user['telephone'];
$p_city = $user['city'];
$p_region = $user['region'];
$p_category = $user['category'];
$p_webpage = $user['webpage'];
}
if (isset($_POST['reset'])) {
unset($_POST);
<input name='picture' type='file' />
<div class='note'>max. 500 Kb 800x600 pixel jpg picture</div>
</div>
</div>
<div class="fleft">
<div class="input-block">
<label for='region' class="required">Region</label>
<?include('./templates/parts/select-region.php')?>
</div>
<div class="input-block">
<label for='category' class="required">Category</label>
<?include('./templates/parts/select-category.php')?>
</div>
<div class="input-block">
<label for='city'>City</label>
<input name='city' type='text' value='<?if(isset($p_city)) print $p_city; else if(User::is_logged_in()) print User::get_prop('city')?>' />
</div>
</div>
<br />
<div class="fleft">
<div class="input-block">
<label for='description' class="required">Description</label>
<textarea rows="10" cols="56" id='description' name='description' cols='39' rows='14' onKeyDown="textCounter('description',500,'description-counter')" onKeyUp="textCounter('description',500,'description-counter')"><?if(isset($p_description)) print $p_description?></textarea>
<div class="note">The description can be <input id="description-counter" type="text" value="500" /> charaters more.</div>
<script>textCounter('description',500,'description-counter')</script>
</div>
<div class="input-block">
<label for='price'>Price</label>
<input name='price' type='text' value='<?if(isset($p_price)) print $p_price?>' />
?> '>My Ads</a></p> <p><a href='user-favourites.php'>Favourites</a></p> <p><a href='user-profile.php'>Profile</a></p> <p><a href='user-new-password.php'>New password</a></p> <p><a href='user-login.php?logout'>Logout</a></p> <?endif?> </div> <?if(! User::is_logged_in()):?> <p><a href='user-registration.php'>Registration</a></p> <?endif?> <br /> <div> <p>Counters</p> <p><a href="ad-list.php?list=fresh">Fresh <span class="count"><?php echo $ct_fresh; ?> </span></a></p> <p><a href="ad-list.php?list=all">All <span class="count"><?php echo $ct_all;
/**
* Determine whether a user can write comments on this view
*
* If the view doesn't have the allowcomments property set,
* then we must look at the view_access records to determine
* whether the user can leave comments.
*
* In view_access, allowcomments indicates that the user can
* comment, however if approvecomments is also set on a particular
* access record, then all comments can only be private until the
* view owner decides to make them public.
*
* Returns false, 'private', or true
*/
public function user_comments_allowed(User $user)
{
global $SESSION;
if (!$user->is_logged_in() && !get_config('anonymouscomments')) {
return false;
}
if ($this->get('allowcomments')) {
return $this->get('approvecomments') ? 'private' : true;
}
$userid = $user->get('id');
$access = self::user_access_records($this->id, $userid);
$publicviews = get_config('allowpublicviews');
$publicprofiles = get_config('allowpublicprofiles');
$allowcomments = false;
$approvecomments = true;
$mnettoken = get_cookie('mviewaccess:' . $this->id);
$usertoken = get_cookie('viewaccess:' . $this->id);
$cid = $this->collection_id();
$ctoken = $cid ? get_cookie('caccess:' . $cid) : null;
foreach ($access as $a) {
if ($a->accesstype == 'public') {
if (!$publicviews && (!$publicprofiles || $this->type != 'profile')) {
continue;
}
} else {
if ($a->token && $a->token != $mnettoken && (!$publicviews || $a->token != $usertoken && $a->token != $ctoken)) {
continue;
} else {
if (!$user->is_logged_in()) {
continue;
} else {
if ($a->accesstype == 'friends') {
$owner = $this->get('owner');
if (!get_field_sql('
SELECT COUNT(*) FROM {usr_friend} f WHERE (usr1=? AND usr2=?) OR (usr1=? AND usr2=?)', array($owner, $userid, $userid, $owner))) {
continue;
}
}
}
}
}
if ($a->allowcomments) {
$allowcomments |= $a->allowcomments;
$approvecomments &= $a->approvecomments;
}
if (!$approvecomments) {
return true;
}
}
if ($allowcomments) {
return $approvecomments ? 'private' : true;
}
return false;
}
<select name='category'>
<?
if(count($categories)< 1) print "<option value='0'>Create a category first!</option>";
foreach($categories as $category):
$selected = '';
if(isset($p_category)){if($p_category == $category['id'])$selected = "selected='selected'";}
else if(User::is_logged_in()&& User::get_prop('category')==$category['id'])$selected = "selected='selected'";
print "<option value='" . $category['id'] . "' $selected>" . $category['name'] . "</option>";
$sub_categories = $category['childs'];
if(is_array($sub_categories)):
foreach($sub_categories as $sub_category):
$selected = '';
if(isset($p_category)){if($p_category == $sub_category['id'])$selected = "selected='selected'";}
else if(User::is_logged_in()&& User::get_prop('category')==$sub_category['id'])$selected = "selected='selected'";
print "<option value='" . $sub_category['id'] . "' $selected> - " . $sub_category['name'] . "</option>";
endforeach;
endif;
endforeach;
?>
</select>
/**
* Determine whether a user can write comments on this view
*
* If the view doesn't have the allowcomments property set,
* then we must look at the view_access records to determine
* whether the user can leave comments.
*
* In view_access, allowcomments indicates that the user can
* comment, however if approvecomments is also set on a particular
* access record, then all comments can only be private until the
* view owner decides to make them public.
*
* Returns false, 'private', or true
*/
public function user_comments_allowed(User $user)
{
global $SESSION;
if (!$user->is_logged_in() && !get_config('anonymouscomments')) {
return false;
}
if ($this->get('allowcomments')) {
return $this->get('approvecomments') ? 'private' : true;
}
$userid = $user->get('id');
$access = self::user_access_records($this->id, $userid);
$publicviews = get_config('allowpublicviews');
$publicprofiles = get_config('allowpublicprofiles');
// a group view won't have an 'owner'
if ($publicviews && ($ownerobj = $this->get_owner_object())) {
$owner = new User();
$owner->find_by_id($ownerobj->id);
$publicviews = $owner->institution_allows_public_views();
}
$allowcomments = false;
$approvecomments = true;
$mnettoken = get_cookie('mviewaccess:' . $this->id);
$usertoken = get_cookie('viewaccess:' . $this->id);
$cid = $this->collection_id();
$ctoken = $cid ? get_cookie('caccess:' . $cid) : null;
if ($access) {
foreach ($access as $a) {
if ($a->accesstype == 'public') {
if (!$publicviews && (!$publicprofiles || $this->type != 'profile')) {
continue;
}
} else {
if ($a->token && $a->token != $mnettoken && (!$publicviews || $a->token != $usertoken && $a->token != $ctoken)) {
continue;
} else {
if (!$user->is_logged_in()) {
continue;
} else {
if ($a->accesstype == 'friends') {
$owner = $this->get('owner');
if (!get_field_sql('
SELECT COUNT(*) FROM {usr_friend} f WHERE (usr1=? AND usr2=?) OR (usr1=? AND usr2=?)', array($owner, $userid, $userid, $owner))) {
continue;
}
}
}
}
}
$objectionable = $this->is_objectionable();
if ($a->allowcomments && ($objectionable && ($user->get('admin') || $user->is_institutional_admin()) || !$objectionable)) {
$allowcomments = $allowcomments || $a->allowcomments;
$approvecomments = $approvecomments && $a->approvecomments;
}
if (!$approvecomments) {
return true;
}
}
}
if ($allowcomments) {
return $approvecomments ? 'private' : true;
}
return false;
}
* Here we define several Slim application routes that respond
* to appropriate HTTP request methods. In this example, the second
* argument for `Slim::get`, `Slim::post`, `Slim::put`, and `Slim::delete`
* is an anonymous function. If you are using PHP < 5.3, the
* second argument should be any variable that returns `true` for
* `is_callable()`. An example GET route for PHP < 5.3 is:
*
* $app = new Slim();
* $app->get('/hello/:name', 'myFunction');
* function myFunction($name) { echo "Hello, $name"; }
*
* The routes below work with PHP >= 5.3.
*/
// Some global template variables
Data::$data['title'] = $app->config('title');
Data::$data['logged_in'] = User::is_logged_in() ? true : false;
Data::$data['subtitle'] = $app->config('subtitle');
Data::$data['next_page'] = 0;
// Blog index
$app->get('/', function () use($app) {
Data::$data['posts_all'] = R::find('post', '1 ORDER BY id DESC ');
$count = count(Data::$data['posts_all']);
if ($count) {
Data::$data['posts'] = array(Data::$data['posts_all'][key(Data::$data['posts_all'])]);
}
if ($count > 1) {
Data::$data['next_page'] = 1;
}
$app->render('index.php', Data::$data);
});
// Blog Admin Login
<?php
/**
* Classified-ads-script
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Frontend
*/
include "./admin/include/common.php";
$r_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$exists = Ad::exists($r_id, array("active" => 1));
if ($exists) {
$ad = Ad::get_one($r_id);
if (isset($_POST['send']) && User::is_logged_in()) {
$success = true;
$errors = array();
$p_message = strip_tags($_POST['message']);
if ($p_message == '') {
$success = false;
array_push($errors, "Please enter your message.");
}
if ($p_message != '' && !preg_match('/^[\\s\\S]{0,200}$/u', $p_message)) {
$success = false;
array_push($errors, "The message must be no more than 200 character long.");
}
if ($success) {
$userid = USER::get_id();
$username = USER::get_name();
$adid = $r_id;
$report = $p_message;
<br />
<div class="fleft">
<div class="input-block">
<label for='description' class="required">Description</label>
<textarea rows="10" cols="56" id='description' name='description' onKeyDown="textCounter('description',500,'description-counter')" onKeyUp="textCounter('description',500,'description-counter')"><?if(isset($p_description)&& ! $success) print $p_description?></textarea>
<div class="note">The Description can be <input id="description-counter" type="text" value="500" /> characters more.</span></div>
<script>textCounter('description',500,'description-counter')</script>
</div>
<div class="input-block">
<label for='price'>Price</label>
<input name='price' type='text' <?if(isset($p_price)&& ! $success) print "value='$p_price'"?> />
</div>
<div class="input-block">
<label for='webpage'>Webpage</label>
<input name='webpage' type='text' value='<?if(isset($p_webpage)) print $p_webpage; else if(User::is_logged_in()) print User::get_prop('weblap')?>' />
</div>
<div class="input-block">
<label for='terms'> </label>
<input name='terms' type='checkbox' <?if(! isset($p_terms)||($p_terms > 0 && ! $success)) print 'checked="checked"'?> />
<span><a href="#" onclick="return(makePopup(this,'<?php
echo $site_url;
?>
/terms-of-use.php'))">I agree with the Terms & Conditions</a></span>
</div>
</div>
<div class="fleft">
<div class="input-block">
<label for='newsletter'> </label>
<span><a href="#">You'll receive our email newsletters and account updates.</a></span>
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
include "Pager/Pager.php";
if (!User::is_logged_in() || User::get_id() != 1) {
header('Location: index.php');
exit;
}
if (isset($_GET['d'])) {
$d = (int) $_GET['d'];
AdReview::delete($d);
}
$tct = AdReview::count();
//total count
$rpp = 10;
//row per page
$pager_options = array('mode' => 'Sliding', 'perPage' => $rpp, 'delta' => 2, 'totalItems' => $tct, 'excludeVars' => array('o', 'r', 'd', 't', 'e'));
$pager = @Pager::factory($pager_options);
list($from, $to) = $pager->getOffsetByPageId();
$reviews = AdReview::get_all(array(), '', $from - 1 . ", {$rpp}");
include "page-header.php";
?>
<?php
ini_set("error_reporting", E_ERROR);
date_default_timezone_set("America/New_York");
$pages = array('' => "splash.php", '/about' => "about.php", '/images' => "image.php", '/ajax/test' => "test.php", '/login' => "login.php");
$no_auth = array('images');
require_once "classes/Site.class.php";
require_once "classes/User.class.php";
$site = new site();
$user = new User();
if (!$user->is_logged_in() && !in_array($site->uri_parts[0], $no_auth)) {
$site->parse_uri("/login");
}
$page = $pages[$site->uri_path];
if ($site->is_image()) {
$page = "image.php";
}
if ($page) {
$site->html = $site->load_page($page);
} else {
$site->html = $site->load_page('404.php');
$site->status = 404;
}
if ($site->status == 404) {
header("HTTP/1.1 404 Not Found");
} else {
header("HTTP/1.1 200 OK");
}
if ($site->is_ajax() || $site->is_image()) {
$contents = $site->html;
} else {
